rsa implementation question

Mel Wilson mwilson at
Mon Aug 16 20:04:17 CEST 2004

In article <mailman.1517.1092244848.5135.python-list at>,
Heiko Wundram <heikowu at> wrote:
>Am Mittwoch, 11. August 2004 10:21 schrieb Bryan Olson:
>> I agree with about half of Heiko Wundram's response.
>Well, with what don't you agree? ;)
>Anyway, I've not read anywhere that for signing a message it is discredited to
>use RSA decrypt with private key, encrypt with public key.

I believe there's a supplied-plaintext attack.  Your enemy can use
your public key to compute a special text, and ask you to sign it.
The effect of the computed text is that your enemy can then compute
your secret key from the signature.  Hashing beforehand makes is almost
impossible to fall into this trap.

        Regards.        Mel.

More information about the Python-list mailing list